I created an api to fetch data from a custom table, only authenticated users can access the api. I used it in a fetch in an embedded form, when I execute the app a popup appears to sign in then the fetch result is displayed.
In order to remove the popup, I added an authorization headers as shown below
fetch("/api", {
headers: {
'Authorization': 'Basic ' + btoa('demo:demo')
}
})
...
I don’t think this is a good practice though, is there a way I can pass the authenticated user token dynamically ?